package com.jiangjiesheng.controller;

import com.jiangjiesheng.vo.User;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

@Controller
public class UserController {

    String loginAgain = ",<a href='/login.html'>重新登录</a></div>";
    // 用于login.html
    // application/json;charset=utf-8
    @RequestMapping(value = "/subLogin", method = RequestMethod.POST, produces = "text/html;charset=utf-8")
    @ResponseBody
    public String login(User user) {

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(user.getUserName(), user.getPassWord());
        try {
            token.setRememberMe(user.getRememberMe());
            subject.login(token);
        } catch (Exception e) {
            return "登录失败"+loginAgain;
        }
        String redirectPageHtml = "<br/>登录成功,<a href='/'>打开首页</a>";
        try {
            subject.checkPermission("admin:insert");
        } catch (AuthorizationException e) {
            return "无admin:insert权限" + redirectPageHtml; //js 账号 123456 测试
        }
        String hasPermission = "有admin:insert权限";
        if (subject.hasRole("admin")) {
            return hasPermission + ",有adminRole" + redirectPageHtml;
        }
        return hasPermission + ",无adminRole" + redirectPageHtml;
    }

    @RequestMapping(value = "/logout", method = RequestMethod.GET, produces = "text/html;charset=utf-8")
    @ResponseBody
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        return "退出登录"+loginAgain;
    }

    //http://localhost:8082/testRoles 先登录
    //@RequiresPermissions("admin:insert") 判断权限
    // @RequiresRoles("admin") spring.xml过滤器访问
    @RequestMapping(value = "/testRoles", method = RequestMethod.GET)
    @ResponseBody
    public String testRoles() {
        return "testRoles success";
    }

    //http://localhost:8082/testRoles1 先登录
    // @RequiresPermissions("admin1") spring.xml过滤器访问
    @RequestMapping(value = "/testRoles1", method = RequestMethod.GET)
    @ResponseBody
    public String testRoles1() {
        return "testRoles1 success";
    }

    //http://localhost:8082/testPerms spring.xml过滤器访问
    @RequestMapping(value = "/testPerms", method = RequestMethod.GET)
    @ResponseBody
    public String testPerms() {
        return "testPerms success";
    }

    //http://localhost:8082/testPerms1 spring.xml过滤器访问
    @RequestMapping(value = "/testPerms1", method = RequestMethod.GET)
    @ResponseBody
    public String testPerms1() {
        return "testPerms1 success";
    }

    //http://localhost:8082/testRolesOr spring.xml中自定义or角色过滤器
    @RequestMapping(value = "/testRolesOr", method = RequestMethod.GET)
    @ResponseBody
    public String testRolesOr() {
        return "testRolesOr success";
    }
}
